Netfilter "Flow offload" / HW NAT


#142

I tested SW flowoffload on my R6300v2 and it made little difference.
With offloading off I got 330Mbps of WAN to LAN throughput, while with offloading on I got 360Mbps. In both cases top command showed >95% of sirq


#143

Is your internet connection using PPPoE by any chance? I didn't notice a big difference either with SW flowoffload on my PPPoE connection. HW flowoffload did help immensely because the PPPoE encapsulation/decapsulation could also be offloaded.


#144

I made the test with two PCs, so it's static IP/DHCP


#145

my patch fix this:


#146

@nbd

I am using the latest trunk version and I noticed if either the software offload, or the software + hw offload is on, my pptp vpn connections are not able to establish.

I am using the nf_nathelper_extra module and auto module loading. Is this and expected limitation?

Otherwise the HW offload works very nicely (mt7621): 900/200Mbits with below 5% utilization via PPPoE (IPv4) in both directions.


#147

Flow offload not work with MWAN3 on Octeon soc.


#148

has anyone seen this? gwlim looks like he was able to get the qca-sdk module included which allows you to set hardware nat.


#149

Will be pointless once it's on kernel 4.14.


#150

Yeah but it’s still on 4.9 isn’t it?


#151

Take a look into my ath79 builds if you are interested in 4.14 builds for the ath79/ar71xx Qualcom/Atheros devices.
Currently there is only a smal subset of the old ar71xx devices supported, but due to ar71xx will be left on 4.9 and 4.14 does support flow offloading by default, the number of ported devices increases...


#152

ath79 support recently got merged for the c7v2.


#153

A image for C7c2 is included since yesterday...


#154

FWIW, I'm using my own image because we were doing them at the same time.

I'm on a c7v2 and am noticing some strange interactions between flow offload and mwan3.
Anyone else multi-homed and playing with this yet?


#155

Sadly offloading without hardware support seems to make mwan3 work slow or strange, is this your problem? I have this on ath79, with mediatek switch that can do hardware nat, all seems to work perfectly. Shortcut fe worked also


#156

Will it though? Even with flow offload you can't quite route 1Gbps lan to wan on ipq806x, whereas the stock firmware can.


#157

The @gwlim work was on ar71xx, not ipq806x. ar71xx is not as crippled as ipq806x. I also have some patches in my tree that speed up the Ethernet driver there.

Flow offload gets the v2 to around 900mbps I believe.


#158

On WDR3600 i reach ~930MBit/s and this device has only one cpu port connected to the switch and not as much cpu power as the C7v2...

iperf nat performance with flow offloading enabled on wdr3600 (ath79)

[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-30.0 sec  3.24 GBytes   929 Mbits/sec

#159

Stock fw will do a offload to the switch and openwrt does all connection handling on cpu (except hw flow offloading on MT7621)


#160

I stand corrected :slight_smile:

My patches may allow reaching 930.


#161

that's my point :slight_smile: HW flow offload, if it can be enabled cleanly for ipq806x would be a good goal.

Now if Qualcomm actually did something useful and didn't stick to Kernel 3.x for their QSDK that might be a possibility without a lot of reverse engineering.